Training could be the missing leg of IPv6

Related Links

As the government moves to IPv6, a few things are certain: companies will develop IPv6 products to meet that demand, and federal officials will find money to upgrade their agencies’ backbone networks — even if some complain that IPv6 is an unfunded mandate.

But what is not certain is whether network administrators, information security experts and other federal employees will be ready for the transition by June 2008. Agency and industry experts agree that too few departments are placing enough emphasis on training and testing to prepare for the transition deadline that falls 15 months from now.

“Whoever supports the network needs training,” said Peter Tseronis, the Education Department’s director of network services. “And you need different types of training for agency executives, CIOs, middle-manager types and those that do the network plumbing.”

The CIO Council and the National Institute of Standards and Technology, along with the Office of Management and Budget, have offered some aids to help with the transition. The council, for example, has published IPv6 best practices, and NIST is developing testing procedures. Doug Montgomery, manager of NIST’s internetworking technologies group, said the agency should have draft testing procedures completed by spring. The agency may set up independent testing labs, he added. The National Security Agency is also paying about $30 million to vendors to develop IP encryptors for classified networks.

But even with those aids, agencies can’t assume that IPv4 is the same as IPv6 and therefore overlook employee training needs, said Brett Thorson, a network integration and security adviser at the North American IPv6 Task Force, a public/private/academic organization.

“The engineer will have IPv4 knowledge, but you can’t guarantee they will have IPv6 knowledge,” Thorson said at a recent government-sponsored IPv6 event in Washington, D.C. “This is the best time to train someone, even if it is one person,” he said. “When they come back, the information will trickle down.”

Meanwhile, industry has begun to focus on the training phase of the IPv6 transition. For example, Microsoft is working with the International Information Systems Security Certification Consortium to develop IPv6 security training and make it part of that organization’s certification program, said Sean Siler, Microsoft’s lead program manager for IPv6 deployment and field readiness. “The security architects need to be trained first,” Siler said, adding that “most have no idea how to secure” IPv6 networks.

Some, if not all, agencies are emphasizing training. The Agriculture Department is making training plans, said Janice Lilja, USDA’s associate CIO for telecommunications services and operations. Her office has talked to several companies, such as Cisco Systems, Microsoft and IBM, about their IPv6 training programs. Lilja is working with Army officials at Fort Huachuca, Ariz., on preparations for training employees.

“They are experts and will come in to provide three days of training, including one day on just IPv6 for telecom workers,” Lilja said.

With the deadline approaching, OMB has been keeping tabs on agencies’ IPv6 progress. John McManus, chairman of the CIO Council’s IPv6 Working Group and the Commerce Department’s deputy CIO, said agencies are reviewing OMB’s comments on their transition plans, adding milestones and adjusting dates.

McManus said agencies should complete their final network testing by April 2008. A handful of agencies already are ready to begin testing, and about 70 percent are making good progress toward meeting the deadline, he added.

1105 Government Information Group senior writer Bill Jackson contributed to this story.

Agencies work with IPv6 requirementsAs the June 2008 deadline approaches for agencies to run IPv6 on their backbone networks, most agencies have submitted their final transition plans to the Office of Management and Budget. OMB required agencies to submit those plans last week.